I have a written a registration script which enters the information into the db and sets MD5 and reports errors like duplicate emails.

However I am completely stuck on how to integrate an email notification into it.

Does anyone know how to do this or point me in the right direction.

Cmarenburg
—
2012-06-03T20:18:50Z —
#2

Hello,

php offers a simple way to email. using mail(). Here's an example of my email registration code.

$headers = "From: no-reply@yourdomain.com" . "\\r\
" . "Reply-to: somthing@yourdomain.com";
$message = "Hello {$name}, welcome to <sitename> you you can login with: {$email} and your the password you entered";
$subject = "Your Account";
$to = $_POST['email']; // you should run that through a cleaning function or clean it some how
mail($to,$subject,$message,$headers);

You should always set headers when you send an email. This is just good practice (or at least i think they should be set). I added a reply-to because i send from a account that is not monitered. And if the person that recives the email replys it well be sent to the one i check. However this is not needed. and then subject (you don't want an email to go out with out a subject do you?). Any ways this is a basic run down i am sure people have different ways of applying this.

justlukeyou
—
2012-06-03T20:43:00Z —
#3

Thanks, I have got this working. How do I turn into a system where by the user has to click a link into the email to confirm receipt?

Cmarenburg
—
2012-06-03T20:59:36Z —
#4

You would need to generate an key. I have used mt_rand() and then hashed it using sha384. So here's an example.

<?php
$activateKey = hash('sha384', mt_rand());
?>

you would just insert the key into a database and then just replace the other message with this one:

$message = "Hello {$name},
Before you can use your account you must activate it! you can activate here: http://mysite.com/activate.php?key={$activateKey}&email={$email}";

Then on the activate page you would query your database for example you do do

Also as a side note {} are short tags. You could also use (and should) use '.$var.' on a system that well end up on different servers etc(ie. if you plan to distribute)

chris_upjohn
—
2012-06-03T23:12:29Z —
#5

There is no reason for the email address to be sent in the activation link as a random hash key would be enough to validate the user since it can only be seen by the person who signed up, as for validating the email address the filter_input() function can handle that.